Garabiles 1

Quennie Kate M. Garabiles

Jhon Lerry M. Martinez

ITEC 31 – Auditing in CIS Environment

BS Accountancy 5

December 23, 2020

Chapter 1- Problem 5

a) First is the Management, it has the overall responsibility in the company. They are the one

who establish system in a way to be the company to grow as well as to be safe in any threat or to avoid

the company to dissolve. They the one to establish system on how to maintain their good image and

reputation. Secondly are the audit committee which are involve in organizations accounting policies and

financial reporting practices. They help third parties or the board of director itself to make sure to

communicate and assure that the organization is a company that is reliable and can be worth investing

for. As the External auditors review the control structure inside the organization specially in the area of

accounting system, control environment and procedures, control risk in financial statement assertion,

they are the one to inform any material weakness that a company has. And as the Internal audit

department, they perform both operational and financial audits to assure that they complying with the

establish policies and procedures. They also report any findings and recommendation for evaluation and

suggest solution to the management or to the audit committee.

b) Micro Dynamics Audit committee are responsible for acting as a liaison between the auditors

and the board of directors. They are also responsible in obtaining assurance that the organization’s

control system is sufficient and effective to identify risk and threats and that the financial disclosure
 Garabiles 2

made by management reflect the result of operation and changes in cash flows. Lastly is the reviewing

the progress of the audit and final audit findings.

Chapter 2- Problem 1

1. Programmers has unlimited access to computer- they should limit the access only to debugging

and testing.

2. Computers operator’s supervisor has no access to computer room- she/he should have access

3. EDP system documentation- it should include programs, flowcharts, and operator instruction.

4. Shipping Notices- it should have a numerical sequence and should be checked by the computer

and missing number should be reported.

5. Billing and cash collection are not separated from accounts receivables- it should be separated

6. Invoices- They should not be forwarded to the billing clerk but forwarded to like mailroom clerk

for mailing customer. Billing clerk also should maintain a copy of the adding machine tapes to

reconcile with the daily sales register.

Chapter 2 Problem 3, Requirement 1

Auditors of Avatar are stressing the need to have a better physical environment for the server is

because physical environment is really a big factor specially for a software because it affects the risks of

disaster directly. Not just for the threat of physical intruders like human made and natural hazards such

as processing plants, gas, and water mains, airports, high-crime areas, flood plains and geological fruits

but also fortuitous events like floods, fire, wind, earthquakes, or power outages. Even if these events are

rarely to happen it is better to account it as early as possible because this may cause a great loss and

delay to the company daily operation. Even if Avatar has proper software control in place. It would not

be enough to secure information as they may loss a great amount of investment in the server and
 Garabiles 3

computer system but they also loss an important data and ability to do business as such software checks

cannot prevent such losses.

Chapter 3- problem 7

1. Cons- can cause physical damage, data can get wet by the water which cause data loss, normal

working will stop and a lot of damage not only material but also it will more cost money

specially replacing wet supplies and appliances.

Prevention- Do not eat anything by mainframe, have a constant backup of data, always has a gas

suppressant system not wet.

2. Cons- it is a privacy breach; Confidential data is being expose like username and passwords

which can cause to a lawsuit

Prevention- dispose policy for assets, no dumping of confidential data and purge the

confidential information before disposing.

3. Cons- Data that is corrupted.

Prevention- They should have virus detection, restrict the access whom is allowed to use or put

new software in the system. They should also have a system that focuses on detecting intrusion

and can deny access.

4. Cons- data has been disrupted or corrupted

Prevention- have a policy that don’t allow people to install programs on programs except by the

admin and never use or download from the internet without securing the sources.

5. Cons- Breach of privacy, no sense of professionalism, the company’s profitability is being

exposed.

Prevention- Revoke all the access of an employee once it leaves the company and yearly revie or

change the access list of the company